How does a signed Applet read a file ?

Posted on 1997-12-17
Last Modified: 2006-11-17
I have a signed applet that should read a file.
I used the privilegManager to ask for "UniversalFileAccess"
and then the security Window pops up, I grant the access and
try to open a file ( just READ ) butI still get the Security Exception.
If I try this from a different computer ( not at home ) then
I don't even get the Security Window asking for File Access.

My site is located at:

There you have to press the eject/insert button

I will place the source code there too soon.
Question by:experte
  • 2

Accepted Solution

biged040597 earned 100 total points
ID: 1231675

I've had the same problem, I guess at least. When using NN4.03 + JDK 1.1 patch you should turn off your class path. Any calls to methods in classes found in the classpath that try to do some privileged stuff will throw an exception.

Just disable the path or get rid of the local classfiles and the problem should be fixed

Hope this helps,

Author Comment

ID: 1231676
Hi Biged !

This was an interesting answer !

O.K. I REMarked the "SET Classpath....." line in my autoexec.bat file and tried it again.
First I opened the NC 4.02 and opened my index.html on my local computer that holds the
applet. And... it worked ! The applet could open and read a local file on my computer !

Now I went online ! That is, I start AOL and then choose "Go online" with NC 4.02.
I went to my site:

that holds exactly the same html file with the signed applet. First the Java Security Window
pops up, because of the java code where I ask for more Privileges
                 try {
I GRANT the request, but when open the file I get the same message:
# Security Exception: checkread:Read of 'F:\diplom\mpegrefvis\Qspal.mpg' not permitted
# Applet exception: security.checkread: Read of 'F:\diplom\mpegrefvis\Qspal.mpg' not permitted security.checkread: Read of 'F:\diplom\mpegrefvis\Qspal.mpg' not permitted
#  UniversalFileRead privilege not enabled: Reading files stored in your computer CreateProcess: vcafe -netscape error=0
and the applet can NOT read the file.

Funy is, that if I use a different computer and start nc 4.02 and look at the site, there is
NO Java Security Window showing up !!!????? The Java console says that the Issuer of my
Certificate is not known on the actual system.

What I wanted to know was, how does the "right" way works ? What steps do I have to
do,  so that my applet ( that I signed with zigbert ) located on a server, can read files
on a local computer from the user that visits my site and starts the applet.
What is important in the Java source code ? Why does the Java Security Window does not
pop up on a different computer when visiting my URL ?

Hope you can send me some infos !


Expert Comment

ID: 1231677
Hi Guido,

I have never signed a JAR file for Netscape. Since we're still in the debugging phase at the current project I use codebase prinicipals, i.e. I added user_pref("signed.applets.codebase_principal_support", true);
to my prefs.js.

This way you can use the netscape.privilege package without signing the applet.

I advise you to get the latest JDK patch for Netscape and the package. This solved a lot of problems for me, mostly concerning AWT but who knows how many bugs Netscape can put in their VM implementation.

Apart from that, make sure that you also put the package on the web with your applet since that way you can be sure everyone who starts the applet will use the package you expect.

Furthermore, you are using a macro target "UniversalFileAccess". Maybe you should first try to enable the "UniversalFileRead" target , and check afterwards if grant was succesfull. Something like this:

if (System.getProperty("java.vendor").toString().charAt(0)=='N') {
pm = PrivilegeManager.getPrivilegeManager();          pm.enablePrivilege("UniversalFileRead");
try {            
} catch (ForbiddenTargetException e) {
// privilege is not currently granted

Note that you must call PrivilegeManager.getPrivilegeManager(); before using the static methods. (from the dox:
While you can construct your own instance of this class, it won't do you any good to add privileges to your code. Instead, you should call PrivilegeManager.getPrivilegeManager())

You could also try the parameterized Targets : FileRead (from the dox:
if you only want read access to a handful of files, you can pass the file name as the "data" field to enablePrivilege        

It's not a cut and dry solution to your problem but when 2 browsers act differently running an applet it is always a bitch to find what's wrong.


Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Weekend adv creator 3 64
Is there a simpler dropbox system? 10 44
jsp CRUD operations with and without prepared statement also hibernatge 1 27
passing enum to a method 4 34
This was posted to the Netbeans forum a Feb, 2010 and I also sent it to Verisign. Who didn't help much in my struggles to get my application signed. ------------------------- Start The idea here is to target your cell phones with the correct…
Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question